threats. Conduct deep-dive investigations into alerts generated by Splunk or other monitoring tools. Develop and maintain threat intelligence reports, dashboards, and threat models. Collaborate with SOC, IR, and vulnerability management teams to contextualize and act on threat intelligence. Support cyber threat hunting initiatives by leveraging threat intelligence indicators and hypotheses. Participate in government-led cyber exercises or … Cyber Threat Intelligence (CTI) Analysis - Identifying, analyzing, and interpreting cyber threats from various internal and external sources to assess relevance and impact on the organization. Security Information and Event Management (SIEM) Tools - Proficient in using Splunk Enterprise Security for log analysis, alerting, and correlation of security events. Familiar with Microsoft Sentinel for threat detection and response. Incident Response Support … adversary tactics, techniques, and procedures (TTPs) using frameworks such as MITRE ATT&CK to provide context and attribution. Data Correlation and Enrichment - Correlating disparate data sets (e.g., IOC feeds, vulnerability databases, internal telemetry) to develop actionable intelligence. Report Writing & Briefing - Producing written reports, threat assessments, and briefings for technical and non-technical stakeholders. Communication and Stakeholder Engagement - Interfacing with
and strategic expertise to oversee multiple federal cybersecurity programs, drive operational efficiency, ensure compliance with regulatory standards, and cultivate client relationships that fuel practice expansion. Responsibilities: Operations (50%) Program Management: Oversee and manage cybersecurity operations across multiple federal government programs, ensuring contract deliverables, project goals, and compliance requirements are met. Operational Leadership: Lead cybersecurity teams in providing continuous monitoring … incident response, risk assessment, vulnerability management, and remediation activities, ensuring high operational standards. Policy & Compliance: Maintain alignment with federal cybersecurity policies, frameworks (NIST, FISMA, etc.), and agency-specific security mandates. Ensure all operations comply with federal standards and best practices. Resource Optimization: Optimize the allocation of resources to deliver high-quality services while managing cost and efficiency across … operational efficiency. Business Development (50%) Growth Strategy: Drive the growth of the cybersecurity practice by identifying and pursuing new federal contracting opportunities and expanding existing program footprints. Client Relationship Management: Build and maintain relationships with key stakeholders, agency partners, and clients. Identify client needs and tailor solutions that align with agency cybersecurity priorities. Proposal Development: Collaborate with the proposal
manage audits, risk assessments, and contract reviews, supporting effective governance across our operations. All applicants must be able to obtain/maintain a U.S. Security Clearance. Responsibilities Include: Compliance Management: Ensure adherence to DoD, NIST, FedRAMP, and other relevant standards. Contract Review: Analyze and evaluate contracts to maintain compliance. Security Inspections: Conduct facility inspections and system audits. Risk Assessments … Identify vulnerabilities and implement mitigation strategies. Compliance Tools: Utilize software for audits, penetration testing, and vulnerability management. Certifications: Stay updated with FCSB, CIC, and CISSP certifications, applying knowledge in daily tasks. Minimum Required Qualifications: Bachelor's degree in Business Administration, Computer Information Systems, or equivalent. 2 years of IT/Compliance experience in the U.S. Defense sector. Required Skills … tools, and penetration testing platforms. Knowledge of DoDCAS, FedRAMP, NIST, and ISO 27001. Proficiency in compliance tools, audit software, and penetration testing. Preferred Skills: Hands-on experience in compliance management, preferably in federal/DOD environments. Experience with cloud-based solutions and strong organizational skills. Ability to work independently and maintain confidentiality. Pay Range: $74,000 - $116,000 or
to join our dynamic Security Operations Team. As a Security Operations Engineer, you will play a critical role in safeguarding our organization's assets and data by overseeing the management of Trainline's SIEM. This is done by ensuring the SIEM is fully operational and that we have the logs and alerts needed to support incident detection and response … that our wider set of Security tools are optimized to their full potential in line with industry best practice. Create and maintain detailed documentation and provide key insights to management through customized dashboards and reports. If you are passionate about cybersecurity, eager to stay ahead of emerging threats, and looking to grow within a fast-paced and evolving environment … we'd love to hear from you! As a Security Analyst at Trainline, you will Own the management and configuration of our SIEM platform (Splunk), ensuring it's fully operational, updated, configured to best practice and providing value for money. Drive the creation of new alerts, working with the wider Security Operations team to ensure appropriate enrichment and value, and
LMI Government Consulting (Logistics Management Institute)
Overview LMI is seeking a Network Integration Engineer to support the U.S. Department of Homeland Security (DHS) Customs and Border Protection (CBP) Program Management Office (PMO). This role is designed for engineers who thrive at the intersection of mission operations and applied technology, helping plan, implement, and evaluate networked systems that support national security and border protection. As … with up to 40% domestic travel. LMI is a consultancy dedicated to powering a future-ready, high-performing government, drawing from expertise in digital and analytic solutions, logistics, and management advisory services. We deliver integrated capabilities that incorporate emerging technologies and are tailored to customers' unique mission needs, backed by objective research and data analysis. Founded in 1961 to … help the Department of Defense resolve complex logistics management challenges, LMI continues to enable growth and transformation, enhance operational readiness and resiliency, and ensure mission success for federal civilian and defense agencies. Responsibilities Applied Network Engineering & Field Systems Support Support the design, integration, and field evaluation of secure, resilient network architectures supporting CBP mission systems. Evaluate network performance and
Design, implement, and manage cloud architectures on platforms such as AWS, Azure, or Google Cloud. • Build and maintain scalable, resilient, and high-performance cloud infrastructure. • Automate infrastructure provisioning and management using Infrastructure as Code (IaC) tools like Terraform, CloudFormation, or Ansible. • Optimize cloud resource usage for cost efficiency and performance. • Implement security best practices to protect cloud assets and … sensitive data. • Conduct risk assessments and vulnerability management in the cloud environment. • Ensure cloud infrastructure complies with industry standards, policies, and regulations (e.g., GDPR, HIPAA, SOC2). • Monitor cloud environments for performance, availability, and capacity planning. • Identify bottlenecks and work on optimizing cloud-based workloads. • Troubleshoot and resolve issues related to cloud infrastructure, including network, storage, and compute … e.g., Kubernetes, Docker). • Familiarity with CI/CD pipeline automation tools (e.g., Jenkins, GitLab CI, Azure DevOps). • Proficient in scripting languages (Python, Bash, etc.) for automation and management tasks. • Strong understanding of cloud networking, security (e.g., VPC, IAM, VPN, etc.), and monitoring tools. • Experience with logging and monitoring tools (e.g., CloudWatch, Prometheus, Datadog). • Knowledge of cloud
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
BT Group
with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operating systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required
in its mission as a Cybersecurity Systems Engineer (ISSE) in Herndon, Virginia. Responsibilities Document the various security control implementations as well as gather the artifacts that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation for the various Assessment and Authorization (A&A) efforts Document and obtain a general understanding of the architecture being developed or that … and hybrid Cloud experience (AWS, Microsoft Azure, etc.) Basic knowledge is helpful, but not required for the following general topics: Cloud security control implementation, PKI implementation, STIG compliance and vulnerability management, and Security, Development and Operations (SecDevOps) CISSP or GSLC certifications AWS Certified Security Specialty Microsoft Office products at the expert level (Word, Excel, PowerPoint) What you can
the opportunity to increase responsibilities to performing Information Security System Officer functions (some ISSO functions will be performed from a different location). Additionally, responsible for assisting in the management and control of an Intelligence Community Program within a Sensitive Compartmented Information Facility (SCIF), to include assisting in maintaining a security program in accordance with applicable regulations, directives and … guidance and general security support to Program and HII security offices. Preferred Requirements Background in one or more of the following: system administration, computer security, cybersecurity methodology, IT risk management tools, certification and accreditation through ICD-503, ICD-705 or NIST information system security controls. Possess or be willing to obtain IT certifications that meet DoD 8140 requirements. Effective … customer and organizational level communication, written, presentation and interpersonal skills. Familiarity with the RMF process and vulnerability management a plus. Physical Requirements Adequate visual acuity and manual dexterity for meeting the requirements of the Systems Analyst discipline. The listed salary range for this role is intended as a good faith estimate based on the role's location, expectations
Cloud infrastructure - ability to effectively deploy and manage cloud environments and integrate technologies that are part of customer stacks, to accurately replicate and resolve customer issues Knowledge of SIEM, vulnerability management tools, firewalls, malware, exploits, operating system structure and behavior Strong consulting and project management skills, with validated results working as a trusted advisor to drive business
of employees and outside contacts. Strong interpersonal skills and good judgment with the ability to work alone or as part of a team. Desired Experience Eight (8+) years in vulnerability management & penetration-testing corrective actions. Eight (8+) years supporting DoD defensive cyber operations: system protection, incident handling, reporting, recovery. Physical Demands Must be able to lift 25 pounds
and cybersecurity threats (e.g., malware, phishing, ransomware). Experience with scripting or automation tools (e.g., Python, PowerShell) is a plus. Proficiency with cybersecurity tools, such as SIEM (Splunk, ArcSight), vulnerability management platforms (Tenable, Qualys), and IAM systems. Experience with secure software development and DevSecOps practices. Original Posting: March 28, 2025 For U.S. Positions: While subject to change based
awareness, and provide training on security tools and procedures. Incident Response: Respond to security breaches and incidents, coordinating with other teams to contain the incident and restore normal operations. Vulnerability Management: Identify and address vulnerabilities in systems and applications, ensuring that systems are patched and configurations are secure. Compliance: Ensure that the organization complies with relevant security regulations
We are seeking a technically proficient Remediation Engineer - Security & Vulnerability Management to support our vulnerability management and threat remediation efforts. The successful candidate will play a pivotal role in analysing security vulnerabilities, coordinating with cross-functional teams, and implementing timely, effective remediation to reduce the organization's risk exposure, including on-premise environments, AWS, and Azure … through effective vulnerability lifecycle management, stakeholder engagement, and comprehensive tracking and reporting. Key Responsibilities Lead the identification, assessment, and remediation of vulnerabilities across all operating systems (Windows, Linux, macOS) and platforms (on-premise and cloud). Analyze vulnerability scan results from tools such as Qualys, Nessus and cloud native tools. Collaborate with system, application, and infrastructure teams … and application patching using tools such as SCCM, Ansible, Tanium, or Satellite. Contribute to remediation playbooks, SOPs, and security incident response plans. Manage and support secure configurations, patching, and vulnerability remediation across AWS and Azure environments. Remediate security misconfigurations or threats in AWS, Azure, and/or GCP using cloud-native security tools (e.g., AWS Inspector, Azure Security Center
federal facilities in: Washington, DC; Huntsville, AL; and Clarksburg, WV. A current TOP SECRET clearance is required to be considered. We are seeking a Mid-level Cybersecurity Analyst - Enterprise Vulnerability Assessment Program (EVAP) Team, to conduct Enterprise Vulnerability Assessment Program (EVAP) tasks. This role requires the candidate to have technical experience to assist the EVAP Team and the government … customer to maintain a proactive and resilient vulnerability management posture across its enterprise systems and infrastructure. Key Responsibilities: Serve as the administrator for enterprise vulnerability assessment tools and practices Helps maintain the architecture, engineering, and operation of the EVAP scanning infrastructure Assist with configuring and optimizing scanning solutions to ensure accuracy and effectiveness Continue to stay current … Operation Procedures (SOP) to ensure tasks are performed within Cybersecurity policies Operational Oversight Performs daily operations of EVAP allowing EVAP, Red and Blue Teams to perform timely and effective vulnerability assessments Provide hands-on support for complex scans, troubleshooting, and result analysis Align scanning activities with organizational priorities for maximum impact Tool and Infrastructure Management Maintain and enhance
secured federal facilities in: Washington, DC; Huntsville, AL; and Clarksburg, WV. A current TOP SECRET clearance is required to be considered. We are seeking a Senior Cybersecurity Analyst - Enterprise Vulnerability Assessment Program (EVAP). This role combines strategic oversight and technical expertise to ensure the government customer maintains a proactive and resilient vulnerability management posture across its … enterprise systems and infrastructure. Key Responsibilities: Serve as the technical authority for enterprise vulnerability assessment tools and practices Manage the architecture, engineering, and operation of the EVAP scanning infrastructure Configure and optimize scanning solutions to ensure accuracy and effectiveness Stay current with emerging tools, technologies, and threat landscapes to refine methodologies Operational Oversight: Performs daily operations of EVAP allowing … EVAP, Red and Blue Teams to perform timely and effective vulnerability assessments Provide hands-on support for complex scans, troubleshooting, and result analysis Align scanning activities with organizational priorities for maximum impact Tool and Infrastructure Management: Maintain and enhance the FBI's enterprise vulnerability scanning tools and infrastructure Ensure tools are secure, up to date, and effectively
Program Description: The program provides Systems Engineering and Technical Assistance (SETA) core and non-core support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contract's Core Capabilities are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application … IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support. Position Description: The Cyber Data Science Engineer provides support to the customer in the area of Cyber Security. Daily Tasks include, but are not limited to: Utilize analytical, statistical, and programming skills to collect, analyze, and interpret large cybersecurity data sets Develop … data-driven solutions Analyze data sets found in the customer's vulnerability scanning, authorization, and configuration management tools Import and transform data into usable sets for analysis tools used by the customer (e.g., Tableau) Provide analysis and graphical presentations of collected metrics for IA compliance status reporting Support legacy visualization and situational awareness tools based on Microsoft Excel
coordination, and enforcement of cybersecurity policies and procedures in alignment with government and agency-specific standards. Your work will ensure systems operate securely and in compliance with the Risk Management Framework (RMF), while also supporting day-to-day operations and strategic initiatives. Key Responsibilities: Provide cybersecurity support for programs, systems, or organizational enclaves Develop, implement, and enforce IT security … A&A) Prepare and maintain documentation including SSPs, SCTMs, POA&Ms, and Risk Assessments Evaluate and implement security controls to meet NIST, DoD, and IC requirements Perform and document vulnerability/risk assessments and baseline evaluations Support configuration management and assess security impact of system changes Initiate reauthorization or decommissioning processes as needed Track and close out security … and system architecture Lead and support corrective actions when vulnerabilities are discovered Maintain system compliance through ongoing assessment and remediation Required Skills & Qualifications: Strong understanding of the NIST Risk Management Framework (RMF) Familiarity with security tools, encryption technologies, and communication protocols Knowledge of applicable IA policies, controls, and continuous monitoring strategies Ability to lead system authorization activities and manage
of safeguarding Industrial Control Systems and SCADA networks from evolving cyber threats. Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and response. Conduct threat analysis and vulnerability assessments to support incident response activities. Develop and implement incident response plans tailored to OT environments. Support vulnerability management initiatives and penetration testing exercises. Contribute to policy … communicator with proven ability to influence and collaborate across functions. Comfortable working autonomously and leading small projects. Desirable: Background in cyber investigations or law enforcement protocols. Familiarity with project management principles. Ability to deliver awareness campaigns and contribute to continuous improvement. This is a unique opportunity to make a tangible impact on the UK’s energy resilience. If you
DLA applications/systems in production, test, development, and/or staging environments hosted in government or commercial cloud and on-premise environments. Roles and Responsibilities: Systems Leadership & Enterprise Management • Lead Design and Operational technical teams supporting enterprise Oracle Fusion Middleware platforms with 300,000+ users • Direct day-to-day system administration across multiple locations including system optimization and user … assistance • Plan, develop, install, configure, maintain, and optimize all network software and communication links • Organize and direct configuration and operation of information management systems Infrastructure Operations & Support • Ensure stable operation of approximately 300 enterprise applications across Windows, UNIX, and Linux platforms • Provide local and remote maintenance support for operational systems deployed at multiple locations • Perform general maintenance, upgrades, and … load balancing and fault tolerance • Develop automated tools and scripts to increase system administrator efficiency and accuracy • Monitor application logs and system performance to ensure optimal operations Security & Compliance Management • Perform vulnerability management and security assessments across all platforms • Implement Security Technical Implementation Guides (STIGs) and respond to CERT tasking • Support Risk Management Framework (RMF) audits
full-spectrum cyber, data operations, systems integration and intelligence mission support services to meet our customers' most demanding challenges. Our capabilities include cyber space operations, cyber defense and resiliency, vulnerability research, ubiquitous technical surveillance, data intelligence, lifecycle mission enablement, and software modernization. Nightwing brings disruptive technologies, agility, and competitive offerings to customers in the intelligence community, defense, civil, and … severity of breaches, develop mitigation plans, and assist with the restoration of services. Nightwing is seeking a Cyber Action Officer to support this critical customer mission. Responsibilities: - Supporting the management of cyber incidents through the incident response lifecycle. - Creating and maintaining routine reporting of cyber incidents in official systems of record, to include case management systems and ticketing.
a multidisciplinary team, you will be responsible for coordinating and implementing technical controls and configuration settings and will work in a team environment alongside other cybersecurity engineers and Risk Management Framework (RMF) analysts responsible for supporting Information System Security Engineering efforts Responsibilities Working closely and supporting team members, vendors, and government customers Implementing DoD Security Technical Implementation Guides (STIGs … systems Assisting in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process Conducting ICS/SCADA system inventories following DoD guidance Conducting vulnerability scanning and document system vulnerabilities Supporting ISO standardization and Quality inspections Participating in continuous improvement of organizational cybersecurity posture Qualifications Education: 5+ Years of Experience with a Master's … Degree in Information Technology, Risk Management, Cybersecurity 7+ Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity 10+ Years of Experience with an Associate's Degree in Information Technology, Risk Management, Cybersecurity 12+ Years with a High School Diploma Required Progressive Experience: Working with industry and government agencies on the design of
Security Lead will be responsible for: Owning and leading the information security function, working collaboratively across all departments. Maintaining and evolving ISO 27001 certification and managing the Information Security Management System (ISMS) lifecycle. Performing regular risk assessments, developing and managing remediation plans, and conducting internal security audits. Ensuring compliance with data protection laws (e.g., GDPR) and addressing customer security … DevOps teams to implement security controls across cloud infrastructure (ideally AWS), including access control, encryption, and logging. Leading the incident response process and managing third-party penetration testing and vulnerability management activities. The ideal Information Security Lead will have experience with the following: 3-5 years of hands-on experience in an information security or IT risk/… solid understanding of cloud environments (AWS preferred) and common security risks associated with SaaS platforms. Hands-on knowledge of security tooling, including endpoint protection, SIEMs, DLP, identity and access management (IAM), and SSO. A clear understanding of data privacy laws, particularly GDPR. Familiarity with a range of security tools for endpoint protection, SSO/IAM, monitoring/logging, and
system changes Develop, execute, and improve documentation for installation, configuration, hardening, and operations and maintenance tasks Document activities, status, and issues worked on Provide input to and follow Configuration Management processes Ensure adherence to IT infrastructure standards, policies, and procedures Perform root cause analysis and resolve system and application faults and errors Maintain working knowledge of Microsoft Active Directory … Group Policy Objects (GPOs), DHCP, DNS, and PowerShell General understanding of antivirus and vulnerability scanning software Basic understanding of Security Information and Event Management (SIEM) tools Ensure compliance of assigned operating systems and applications with Department of Defense (DoD) directives, including DISA Security Technical Implementation Guide (STIG) and Information Assurance Vulnerability Management (IAVM) bulletins What's … s) Microsoft Certification(s) Application Skills Experience with software applications, including but not limited to: Analytical Graphics - STK (Systems Tool Kit) Dassault Systemes - Cameo Enterprise Architecture, SolidWorks Flexera - FlexNet Management Suite for Engineering Applications IBM - DOORS ERM MathWorks - MATLAB Oracle - Primavera P6 EPPM Siemens - NX, Teamcenter PLM Tableau - Server and Desktop
information systems, ensuring cybersecurity compliance, and implementing DoD cyber policies and standards throughout system lifecycles. This position requires deep knowledge of cybersecurity principles, DoD cybersecurity documentation, and proactive risk management in support of secure system integration and sustainment. This position is contingent on funding, with the anticipated award expected around July 2025. Responsibilities: Support Information Systems Security Managers (ISSMs … all cybersecurity threats and events. Maintain up-to-date cybersecurity-related documentation and ensure accessibility to authorized users. Review and analyze reports from penetration tests, static code analysis, and vulnerability scans. Analyze network architecture, data flows, organizational charts, and personnel assignments for potential cybersecurity vulnerabilities. Participate in continuous improvement of system security postures and assist in securing custom-developed … applications. Perform other duties as assigned. Required Skills: Strong understanding of DoD cybersecurity regulations, standards, and tools. Experience with RMF, vulnerability management, system hardening, and secure coding practices. Excellent communication and coordination skills across functional teams. Ability to assess, document, and mitigate cybersecurity risks in complex environments. U.S. Citizenship and active Top Secret/SCI clearance with CI